Add views directory and UI improvements
- Add all view templates (servers, auth, dashboard, admin, layouts, errors, terminal) - Fix SSH double decryption bug in SSHService - Fix router parameter type casting for strict_types - Add missing error views (401, 403, 404) - Add nginx manager with file editing - Add SSL certificates management - Add database manager with phpMyAdmin-like interface - Add sidebar server accordion
This commit is contained in:
123
views/admin/security.php
Executable file
123
views/admin/security.php
Executable file
@@ -0,0 +1,123 @@
|
||||
<div class="page-header">
|
||||
<h1 class="page-title">Security Settings</h1>
|
||||
<p class="page-subtitle">Configure security parameters and view status</p>
|
||||
</div>
|
||||
|
||||
<div class="dashboard-grid">
|
||||
<div class="dashboard-card">
|
||||
<div class="card-header">
|
||||
<h2><i class="fas fa-lock"></i> Encryption Status</h2>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<div class="security-status">
|
||||
<div class="security-item">
|
||||
<span>Master Encryption Key</span>
|
||||
<?php
|
||||
$config = \ServerManager\Core\App::getConfig();
|
||||
$keyConfigured = !empty($config['encryption']['master_key']) ||
|
||||
(isset($config['encryption']['master_key_file']) && file_exists($config['encryption']['master_key_file']));
|
||||
?>
|
||||
<span class="badge badge-<?= $keyConfigured ? 'success' : 'danger' ?>">
|
||||
<?= $keyConfigured ? 'Configured' : 'Not Configured' ?>
|
||||
</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Password Hashing</span>
|
||||
<span class="badge badge-success">Argon2id</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>AES-256-CBC Encryption</span>
|
||||
<span class="badge badge-success">Active</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Session Configuration</span>
|
||||
<span class="badge badge-<?= $config['session']['secure'] ? 'success' : 'warning' ?>">
|
||||
<?= $config['session']['secure'] ? 'Secure' : 'HTTP' ?>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="dashboard-card">
|
||||
<div class="card-header">
|
||||
<h2><i class="fas fa-shield-alt"></i> Security Features</h2>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<div class="security-status">
|
||||
<div class="security-item">
|
||||
<span>CSRF Protection</span>
|
||||
<span class="badge badge-success">Enabled</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>XSS Prevention</span>
|
||||
<span class="badge badge-success">Enabled</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Rate Limiting</span>
|
||||
<span class="badge badge-success">Enabled (<?= $config['rate_limit']['max_attempts'] ?> attempts/<?= $config['rate_limit']['decay_minutes'] ?>min)</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Input Validation</span>
|
||||
<span class="badge badge-success">Enabled</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Audit Logging</span>
|
||||
<span class="badge badge-success">Enabled</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>Session Security</span>
|
||||
<span class="badge badge-success">HTTP Only + SameSite</span>
|
||||
</div>
|
||||
<div class="security-item">
|
||||
<span>API Authentication</span>
|
||||
<span class="badge badge-success">Bearer Token</span>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="dashboard-card">
|
||||
<div class="card-header">
|
||||
<h2><i class="fas fa-key"></i> Master Key Management</h2>
|
||||
</div>
|
||||
<div class="card-body">
|
||||
<div class="alert alert-warning">
|
||||
<i class="fas fa-exclamation-triangle"></i>
|
||||
<strong>Important:</strong> The master encryption key is stored outside the database.
|
||||
If lost, ALL encrypted SSH credentials will be unrecoverable.
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label>Key File Location</label>
|
||||
<code><?= htmlspecialchars($config['encryption']['master_key_file'] ?? '/etc/servermanager/master.key') ?></code>
|
||||
</div>
|
||||
|
||||
<div class="form-actions" style="margin-top: 1rem;">
|
||||
<button class="btn btn-warning" onclick="generateKey()">
|
||||
<i class="fas fa-key"></i> Generate New Master Key
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<script>
|
||||
function generateKey() {
|
||||
if (!confirm('WARNING: Generating a new master key will make all existing encrypted credentials UNREADABLE. ' +
|
||||
'You will need to re-enter all SSH credentials. Continue?')) return;
|
||||
|
||||
fetch('/admin/security/generate-key', {
|
||||
method: 'POST',
|
||||
headers: {
|
||||
'Content-Type': 'application/x-www-form-urlencoded',
|
||||
'X-CSRF-Token': document.querySelector('meta[name="csrf-token"]')?.content || '',
|
||||
},
|
||||
body: '_csrf_token=' + encodeURIComponent(document.querySelector('meta[name="csrf-token"]')?.content || ''),
|
||||
})
|
||||
.then(r => r.json())
|
||||
.then(data => {
|
||||
showToast(data.success ? 'success' : 'error', data.message);
|
||||
});
|
||||
}
|
||||
</script>
|
||||
Reference in New Issue
Block a user